Networked Lotus Notes (LN) environments are an example of a computer network as described above, which is well known in the art. Usually, such LN environments comprise LN databases to store and maintain information and make it accessible to other LN users. In terms of the present invention these LN databases represent information sources. They are identified by their unique location on a home server and an unique name. Each LN user is identified by a name, e.g. “Hugo Strong/Germany/IBM”, and an internal ID structure.
An LN user can only access an LN database if he knows the identity of said database and if he is authorized to access said database. Therefore he has to be listed in an Access Control List (ACL) of said database. As further entries beside the identity of the authorized users the ACL comprises an access mode for each authorized user representing his access privileges. There are several different access modes, as e.g. “Editor”, “read and write” or “read only”. Thus, it is possible to distinguish between e.g. authors and readers of the database documents. Granting, restricting or revoking access privileges can only be carried out by modifying the ACL. This editing has to be done manually by specially authorized master administrators, like e.g. an LN user with access mode “manager”.
A very common and comfortable way to communicate an LN database to other LN users is sending a reference to said LN database in an LN mail. According to the state of the art, the receiver of such a reference can only access the corresponding LN database directly if he is listed in the corresponding ACL with appropriate access privileges.
This mechanism of passing references and accessing the corresponding information sources involves several problems. As every LN user can pass the reference of an LN database to another LN user the number of LN users knowing said LN database is likely to grow constantly. Not even a master administrator being responsible for the ACL of said LN database will be able to name all “knowing” LN users because communication of a reference transfer is not required. As the granting of access rights is independent of a reference transfer and can only be done on request by specially authorized master administrators it is often tedious to use a referenced information source. In practice, Restriction and revocation of access rights is even harder to achieve because this has to be done manually, too. Thus, the ACLs tend to grow constantly or, at least, to be longer than appropriate, causing a potential for unintentional access permission.